[Samba] help again with dns and samba 4 ad

Nick Howitt nick at howitts.co.uk
Wed Sep 2 14:42:34 UTC 2020

Or set dnsmasq as the primary DNS server, but include a line in your 
dnsmasq config:

That way dnsmasq hands off the dc domain lookups to samba but does all 
the rest itself?

On 02/09/2020 15:35, jmpatagonia via samba wrote:
>   Correct we have the dnsmasq server dns+dhcp on other ip server.
> So if I understand well, we will use the samba DC as a "authoritative
> nameserver" and the dnsmasq as a forwarder dns for resolve outside our zone
> ?
> And we set on the dnsmasq (when deliver ip to the client as a dhcp server)
> the primary dns is a samba DC server, and too we can set the dnsmasq a
> secondary dns server or is not necessary that (because the DC asking the
> dnsmasq) ?
> Scenario:
> dnsmasq as dhcp server: serve ip and tell to client the primary dns is
> samba DC, and tell to client the secondary dns is dnsmasq
> or
> dnsmasq as dhcp server: serve ip and tell to client the primary dns is
> samba DC, and samba DC is responsible to asking the dnsmasq for resolv
> sites outsite the zone and answer to client.
> Regards
> El mié., 2 sept. 2020 a las 11:03, Rowland penny via samba (<
> samba at lists.samba.org>) escribió:
>> On 02/09/2020 14:19, jmpatagonia via samba wrote:
>>> I need helping again implementing samba4 ad and dns:
>>> Actually we have a dnsmasq server with dhcp/dns services for users on the
>>> lan, if we start to using the internal samba4 dns server to resolv names
>> on
>>> the zone of DC server example mydomain.test.com we can use the actual
>>> dnsmasq to server another domains that we need ?, for example
>>> otherdomain.testing.com.ar
>>> If that is correct we need to include the parameter
>>>                   dns forwarder = dnsmasq-ip-server
>>> on the smb.conf ? so what samba asking dnsmasq to resolv the name.
>>> Regards.
>> It all depends on whether you have any Unix dhcp clients in the AD
>> domain, because these will not update their records in AD.
>> Windows clients can update their AD records.
>> Your domain clients must use the DC(s) as their nameserver(s) and
>> anything it doesn't know about (www.google.com for instance) will be
>> forwarded to the DNS server set in smb.conf or the bind conf files (if
>> using Bind9).
>> So, yes you can use your dnsmasq server, provided it isn't in the same
>> dns domain as your DC(s).
>> Rowland
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list